Is it really spyware if the device owner installs it deliberately? After all this application is not run on home or personal machines. It only runs in corporate environments where you do not own the equipment you use.
It become malicious when you start demanding IT departments to install insecure, untested kernel drivers. Crowdstrike did not own any of the millions of devices they just killed today.
Malicious requires intent. I have massive doubts CS wanted to deploy a Kernel driver full of NULL values to their clients. more likely a human error happened as part of a larger automated process.
Any third party remotely deploying kernel-level spyware is malware. We as an industry shouldn’t accept this kind of behavior.
Is it really spyware if the device owner installs it deliberately? After all this application is not run on home or personal machines. It only runs in corporate environments where you do not own the equipment you use.
It become malicious when you start demanding IT departments to install insecure, untested kernel drivers. Crowdstrike did not own any of the millions of devices they just killed today.
Malicious requires intent. I have massive doubts CS wanted to deploy a Kernel driver full of NULL values to their clients. more likely a human error happened as part of a larger automated process.